Canonical published today the first Linux kernel security update for its recently released Ubuntu 22.10 (Kinetic Kudu) operating system series to address recently discovered Wi-Fi Stack security vulnerabilities.
Ubuntu 22.10 arrived last week on October 20th and it ships with Linux kernel 5.19 by default. The first kernel security patch arrived today to address a total of six security vulnerabilities discovered by various security researchers in the upstream kernel packages.
This first kernel security update for Ubuntu 22.10 patches the recently discovered Wi-Fi Stack security vulnerabilities that Canonical already patched in its other supported Ubuntu releases last week, namely Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS.
More specifically, the kernel update addresses CVE-2022-42719, CVE-2022-42720, CVE-2022-42721, CVE-2022-42722, and CVE-2022-41674, five vulnerabilities discovered by Sönke Huster in Linux kernel’s Wi-Fi driver stack that could allow a physically proximate attacker to cause a denial of service (system crash or infinite loop) or execute arbitrary code.
In addition, Ubuntu 22.10’s first kernel security update addresses CVE-2022-2602, a race condition discovered by David Bouman and Billy Jheng Bing Jhong in the io_uring subsystem, which could lead to a use-after-free vulnerability and allow a local attacker to crash the system by causing a denial of service or execute arbitrary code.
Again, these security flaws have already been patched in other supported Ubuntu releases, but it looks like Canonical’s Ubuntu Kernel Team didn’t have the time to backport them to Ubuntu 22.10 (Kinetic Kudu).
Canonical urges all Ubuntu 22.10 users to upgrade the kernel packages to the new versions (e.g. linux-image-generic 5.19.0-23.24 for 64-bit systems) as soon as possible. To update your installations, run the
sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility.
Please keep in mind that you’ll have to reboot your system after installing the new kernel packages, as well as to rebuild and reinstall any third-party kernel modules you might have installed if you manually uninstalled the standard kernel metapackages (e.g. linux-generic).
Last updated 5 months ago